Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/18Ab_7kiwhu0CQqRxksmPgKIGGY.roa
File: 18Ab_7kiwhu0CQqRxksmPgKIGGY.roa (raw, json)
Hash identifier: o+lZk6VVh9S6UEp+snLi70dWbZpXSwVMLNQ4IVft6qA=
Subject key identifier: D7:C0:1B:FF:B9:22:C2:1B:B4:09:0A:91:C6:4B:26:3E:02:88:18:66
Certificate issuer: /CN=00e4f6a77368b7cecfe67220b436576b1e008aec
Certificate serial: 0197C0D5219E8C60A3977670BAB998A362B0
Authority key identifier: 00:E4:F6:A7:73:68:B7:CE:CF:E6:72:20:B4:36:57:6B:1E:00:8A:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AOT2p3Not87P5nIgtDZXax4Aiuw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/18Ab_7kiwhu0CQqRxksmPgKIGGY.roa
Signing time: Mon 30 Jun 2025 12:34:42 +0000
ROA not before: Mon 30 Jun 2025 12:34:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59437
IP address blocks: 85.234.64.0/24 maxlen: 24
85.234.66.0/24 maxlen: 24
85.234.67.0/24 maxlen: 24
85.234.84.0/24 maxlen: 24
85.234.86.0/24 maxlen: 24
92.38.143.0/24 maxlen: 24
93.119.168.0/24 maxlen: 24
93.119.169.0/24 maxlen: 24
109.61.121.0/24 maxlen: 24
2a03:90c0:680::/44 maxlen: 44
2a03:90c0:7b0::/44 maxlen: 44
Validation: Failed, certificate revoked on Tue 01 Jul 2025 14:56:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:c0:d5:21:9e:8c:60:a3:97:76:70:ba:b9:98:a3:62:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00e4f6a77368b7cecfe67220b436576b1e008aec
Validity
Not Before: Jun 30 12:34:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d7c01bffb922c21bb4090a91c64b263e02881866
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:cf:31:e3:6b:ce:5a:ce:1c:7c:ba:5c:92:f8:
b7:7c:4b:14:ed:9d:a6:d3:50:d8:97:fc:5b:ef:e0:
23:cb:06:90:f1:6b:68:79:87:6a:91:e6:be:a8:df:
f4:2e:b8:05:7c:31:34:92:fe:bf:19:a1:b7:de:d2:
25:82:15:4f:5a:d4:c2:73:ed:8f:ef:f8:36:c6:cc:
f1:53:a0:35:c8:36:2b:1c:ee:fb:06:47:59:00:9d:
8f:a5:88:aa:1c:2b:22:85:7f:3e:e1:ac:8f:56:dc:
22:c2:69:35:e3:24:ca:b7:7e:ff:36:4d:14:04:de:
60:ed:fe:53:35:99:1e:1f:ca:d5:d2:ac:7d:16:ec:
e4:3d:bc:8c:b4:02:a2:de:2f:37:f8:05:b8:e9:cb:
6c:58:c4:b6:6b:e0:82:86:2c:d6:45:0b:58:08:fb:
79:cd:d6:22:b8:ff:f2:eb:83:09:73:73:3a:af:54:
d6:84:9f:9b:ee:66:20:3e:1d:ab:5f:93:6b:c8:64:
51:e7:31:8f:00:24:44:30:37:ac:7f:19:e1:cc:13:
13:90:ae:54:d3:6b:1a:1d:9b:96:6f:90:03:1e:66:
02:b9:29:07:c5:4a:5c:56:3f:3a:90:44:7a:fd:66:
1d:8f:5d:4e:a2:e4:95:1e:00:ea:da:34:73:c5:36:
3d:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:C0:1B:FF:B9:22:C2:1B:B4:09:0A:91:C6:4B:26:3E:02:88:18:66
X509v3 Authority Key Identifier:
keyid:00:E4:F6:A7:73:68:B7:CE:CF:E6:72:20:B4:36:57:6B:1E:00:8A:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AOT2p3Not87P5nIgtDZXax4Aiuw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/18Ab_7kiwhu0CQqRxksmPgKIGGY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/AOT2p3Not87P5nIgtDZXax4Aiuw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.234.64.0/24
85.234.66.0/23
85.234.84.0/24
85.234.86.0/24
92.38.143.0/24
93.119.168.0/23
109.61.121.0/24
IPv6:
2a03:90c0:680::/44
2a03:90c0:7b0::/44
Signature Algorithm: sha256WithRSAEncryption
83:9c:82:7d:f4:ed:71:93:6c:16:c7:46:1e:78:cd:38:29:21:
d8:6d:6e:c1:55:81:6f:9a:c3:0f:c3:56:fd:80:5e:55:32:c6:
e8:b3:13:c0:e3:55:eb:11:90:37:1b:b9:4b:58:8a:e3:28:da:
1e:55:2f:3c:e8:60:d9:22:38:b2:6c:06:ac:c4:6f:bf:4c:de:
6c:6b:8f:1d:66:f1:1a:cb:31:7a:df:ff:60:b3:6f:0a:41:d7:
23:d3:de:b8:14:25:ed:2f:e3:6e:af:93:03:29:0d:4c:e7:10:
3a:47:ac:4b:62:c6:91:04:92:71:27:1c:33:e6:6d:0b:6e:1f:
09:a8:de:84:73:89:ef:f4:da:ff:d1:c3:95:16:b4:b2:23:96:
85:6b:f8:3e:72:ac:c0:f0:f0:e2:ba:56:be:bf:97:9f:e2:f8:
7e:5b:0e:28:62:93:c9:90:b5:c5:bd:dc:34:c1:e2:20:5d:f6:
22:8c:37:24:1d:e2:fe:99:4f:08:c1:cd:5f:40:ca:73:cf:22:
f9:c8:e2:cc:53:7d:8c:a2:9b:d8:b7:4e:ae:d3:43:88:05:d3:
39:e7:30:31:2a:23:bb:c9:2f:e7:1f:78:d4:33:31:9a:f7:6d:
3c:16:7e:9a:2b:c8:1e:99:de:29:f8:4b:46:d4:26:b8:e3:51:
59:c3:57:8d
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAZfA1SGejGCjl3ZwurmYo2KwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwZTRmNmE3NzM2OGI3Y2VjZmU2NzIyMGI0MzY1NzZiMWUw
MDhhZWMwHhcNMjUwNjMwMTIzNDQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2MwMWJmZmI5MjJjMjFiYjQwOTBhOTFjNjRiMjYzZTAyODgxODY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtc8x42vOWs4cfLpckvi3fEsU7Z2m
01DYl/xb7+AjywaQ8WtoeYdqkea+qN/0LrgFfDE0kv6/GaG33tIlghVPWtTCc+2P
7/g2xszxU6A1yDYrHO77BkdZAJ2PpYiqHCsihX8+4ayPVtwiwmk14yTKt37/Nk0U
BN5g7f5TNZkeH8rV0qx9FuzkPbyMtAKi3i83+AW46ctsWMS2a+CChizWRQtYCPt5
zdYiuP/y64MJc3M6r1TWhJ+b7mYgPh2rX5NryGRR5zGPACREMDesfxnhzBMTkK5U
02saHZuWb5ADHmYCuSkHxUpcVj86kER6/WYdj11OouSVHgDq2jRzxTY9bQIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFNfAG/+5IsIbtAkKkcZLJj4CiBhmMB8GA1UdIwQY
MBaAFADk9qdzaLfOz+ZyILQ2V2seAIrsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQU9UMnAzTm90ODdQNW5JZ3REWlhheDRBaXV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS82NTJkYTktYWZjNC00ZTIwLTgyZmMt
YjA3ZDg0MTZhZTRhLzEvMThBYl83a2l3aHUwQ1FxUnhrc21QZ0tJR0dZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS82NTJkYTktYWZjNC00ZTIwLTgyZmMtYjA3ZDg0MTZhZTRh
LzEvQU9UMnAzTm90ODdQNW5JZ3REWlhheDRBaXV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDAwBAIAATAqAwQAVepAAwQB
VepCAwQAVepUAwQAVepWAwQAXCaPAwQBXXeoAwQAbT15MBgEAgACMBIDBwQqA5DA
BoADBwQqA5DAB7AwDQYJKoZIhvcNAQELBQADggEBAIOcgn307XGTbBbHRh54zTgp
IdhtbsFVgW+aww/DVv2AXlUyxuizE8DjVesRkDcbuUtYiuMo2h5VLzzoYNkiOLJs
BqzEb79M3mxrjx1m8RrLMXrf/2CzbwpB1yPT3rgUJe0v426vkwMpDUznEDpHrEti
xpEEknEnHDPmbQtuHwmo3oRzie/02v/Rw5UWtLIjloVr+D5yrMDw8OK6Vr6/l5/i
+H5bDihik8mQtcW93DTB4iBd9iKMNyQd4v6ZTwjBzV9AynPPIvnI4sxTfYyim9i3
Tq7TQ4gF0znnMDEqI7vJL+cfeNQzMZr3bTwWfporyB6Z3in4S0bUJrjjUVnDV40=
-----END CERTIFICATE-----
Generated at Tue Jul 29 07:26:54 2025 by rpki-client